How to enable or disable GSSAPI authentication in SSH
GSSAPI or Generic Security Service Application Programming Interface allows login to an SSH server via alternative mechanisms such as Kerberos.
It's useful for those who need the feature, but it could just unnecessarily slow the overall login process if you're using the normal password or public-key authentication method.
Related: How to speed up SSH authentication
You can disable or enable GSSAPI authentication for SSH via GSSAPIAuthentication directive in your SSHd configuration.
GSSAPIAuthentication
Specifies whether user authentication based on GSSAPI is allowed. The default is no.
Steps to disable or enable GSSAPI authentication in SSH:
- Launch your preferred terminal application (optional).
- Open SSHd configuration file using your favorite text editor.
$ sudo vi /etc/ssh/sshd_config [sudo] password for user:
- Search for GSSAPIAuthentication directive and set the value to no to disable GSSAPIAuthentication authentication method or yes to enable.
GSSAPIAuthentication no
Add the line if it doesn't already exist and remove # at the beginning of the line if it exists.
- Save and exit the text editor.
- Reload or restart SSH server service.
$ sudo systemctl restart sshd
Author: Mohd Shakir Zakaria
Cloud architect by profession but always consider himself as a developer, entrepreneur and an opensource enthusiast.
Cloud architect by profession but always consider himself as a developer, entrepreneur and an opensource enthusiast.
Discuss the article:
Comment anonymously. Login not required.
